%term

The latest News and Information on Application Security including monitoring, testing, and open source.

AWS and Mend.io Webinar: Five Principles of Modern Application Security Programs

Sep 20, 2023 By Mend In Mend

Organizations of all kinds are experiencing increasing volumes, frequency, and severity of cyberattacks. 71% of IT and security leaders say that their portfolio of applications has become more vulnerable in the last year alone, and cybercrime is expected to cost companies worldwide around $10.5 trillion annually by 2025. To fight this trend, organizations need a resilient AppSec strategy that can reinforce trust, reliability, and security when faced with adverse conditions.

View Video

Mend

Read more about AWS and Mend.io Webinar: Five Principles of Modern Application Security Programs

How Supply Chain Attacks Work - And What You Can Do to Stop Them

Sep 20, 2023 By Mend In Mend

Supply chain attacks made headlines in 2022, sending shockwaves through the industry as security and business leaders scrambled to reexamine the security of their own supply chains. In this webinar, experts talk through the stages of a supply chain attack and the different types of attacks to look for. You will also learn what tools and strategies you can start using immediately to assess your own supply chain security and put defenses in place to keep your supply chain protected.

View Video

Mend

Read more about How Supply Chain Attacks Work - And What You Can Do to Stop Them

Release with Trust or Die. Key swampUP 2023 Announcements

Sep 14, 2023 By Yoav Landman In JFrog

Every year, JFrog brings the DevOps community and some of the world’s leading corporations together for the annual swampUP conference, aimed at providing real solutions to developers and development teams in practical ways to prepare us all for what’s coming next.

Read Post

JFrog

Read more about Release with Trust or Die. Key swampUP 2023 Announcements

Container Security Fundamentals - Linux Capabilities (Part 1)

Sep 11, 2023 By Datadog In Datadog

In this video we're looking at how Linux capabilities can be used by general programs and containers to provide only specific rights they need instead of providing "root" privileges. To learn more, read our blog on Datadog’s Security Labs site.

View Video

Datadog

Read more about Container Security Fundamentals - Linux Capabilities (Part 1)

7 AppSec tips from Snowflake's Director of Product Security

Aug 31, 2023 By Brian Piper In Snyk

At this year’s AWS re:Invent, Mic McCully, Field CTO at Snyk, spoke with Jacob Salassi, Director of Product Security at Snowflake. They discussed what it looked like for Snowflake to overcome various security challenges with the right combination of processes, company culture shifts, and tool partners (including Snyk!). Read on to learn about the practices Jacob and his team established to create a successful application security program.

Read Post

Snyk

Read more about 7 AppSec tips from Snowflake's Director of Product Security

Malicious Packages Special Report Overview

Aug 24, 2023 By Mend In Mend

Malicious Packages: A Growing Threat to the Software Supply Chain The global economy runs on software applications, and their function and security are critical to every company’s success. Many applications have exploitable vulnerabilities that modern defenders struggle to effectively detect and remediate. In addition to the growing number of vulnerabilities, today’s security teams face the emerging challenge of malicious packages.

View Video

Mend

Read more about Malicious Packages Special Report Overview

Five Key Application Security Best Practices and Benefits for Maintaining Up-to-Date Dependencies

Aug 22, 2023 By Rhys Arkins In Mend

We’re using more code, software components, and dependencies than ever before, making security breaches an ever-growing threat. It’s easy for developers and DevOps teams to neglect dependency updates when faced with such high volume, but doing so allows applications to fall behind the latest versions if not properly managed. This typically leaves applications using outdated dependencies, which exposes them to ever-increasing security debt and risk.

Read Post

Mend

Read more about Five Key Application Security Best Practices and Benefits for Maintaining Up-to-Date Dependencies

Application Security Report: Q2 2023

Aug 21, 2023 By Michael Tremante In Cloudflare

Cloudflare has a unique vantage point on the Internet. From this position, we are able to see, explore, and identify trends that would otherwise go unnoticed. In this report we are doing just that and sharing our insights into Internet-wide application security trends. This report is the third edition of our Application Security Report. The first one was published in March 2022, with the second published earlier this year in March, and this is the first to be published on a quarterly basis.

Read Post

Cloudflare

Read more about Application Security Report: Q2 2023

An Introduction to Application Security

Aug 21, 2023 By Jeff Darrington In Graylog

While security teams may “run on Dunkin’,” companies run on applications. From Salesforce and Hubspot to ServiceNow and Jira, your organization relies on a complex, interconnected application ecosystem. In 2022, organizations used an average of 130 Software-as-a-Service (SaaS) applications. While these technologies enabled them to reduce costs and achieve revenue targets, they created new security risks.

Read Post

Graylog

Read more about An Introduction to Application Security

Does GitOps enhance application security?

Aug 21, 2023 By Vandana Verma Sehgal In Snyk

GitOps was pioneered by Weeveworks in 2017. It uses familiar tools to implement continuous deployment for cloud-native applications, improving the developer experience of Kubernetes cluster management and application delivery.

Read Post